Represents a {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend vault_ad_secret_backend}.
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;
AdSecretBackend.Builder.create(Construct scope, java.lang.String id)
// .connection(SSHProvisionerConnection)
// .connection(WinrmProvisionerConnection)
// .count(java.lang.Number)
// .count(TerraformCount)
// .dependsOn(java.util.List<ITerraformDependable>)
// .forEach(ITerraformIterator)
// .lifecycle(TerraformResourceLifecycle)
// .provider(TerraformProvider)
// .provisioners(java.util.List<FileProvisioner)
// .provisioners(LocalExecProvisioner)
// .provisioners(RemoteExecProvisioner>)
.binddn(java.lang.String)
.bindpass(java.lang.String)
// .anonymousGroupSearch(java.lang.Boolean)
// .anonymousGroupSearch(IResolvable)
// .backend(java.lang.String)
// .caseSensitiveNames(java.lang.Boolean)
// .caseSensitiveNames(IResolvable)
// .certificate(java.lang.String)
// .clientTlsCert(java.lang.String)
// .clientTlsKey(java.lang.String)
// .defaultLeaseTtlSeconds(java.lang.Number)
// .denyNullBind(java.lang.Boolean)
// .denyNullBind(IResolvable)
// .description(java.lang.String)
// .disableRemount(java.lang.Boolean)
// .disableRemount(IResolvable)
// .discoverdn(java.lang.Boolean)
// .discoverdn(IResolvable)
// .groupattr(java.lang.String)
// .groupdn(java.lang.String)
// .groupfilter(java.lang.String)
// .id(java.lang.String)
// .insecureTls(java.lang.Boolean)
// .insecureTls(IResolvable)
// .lastRotationTolerance(java.lang.Number)
// .local(java.lang.Boolean)
// .local(IResolvable)
// .maxLeaseTtlSeconds(java.lang.Number)
// .maxTtl(java.lang.Number)
// .namespace(java.lang.String)
// .passwordPolicy(java.lang.String)
// .requestTimeout(java.lang.Number)
// .starttls(java.lang.Boolean)
// .starttls(IResolvable)
// .tlsMaxVersion(java.lang.String)
// .tlsMinVersion(java.lang.String)
// .ttl(java.lang.Number)
// .upndomain(java.lang.String)
// .url(java.lang.String)
// .usePre111GroupCnBehavior(java.lang.Boolean)
// .usePre111GroupCnBehavior(IResolvable)
// .userattr(java.lang.String)
// .userdn(java.lang.String)
// .useTokenGroups(java.lang.Boolean)
// .useTokenGroups(IResolvable)
.build();
Name | Type | Description |
---|---|---|
scope |
software.constructs.Construct |
The scope in which to define this construct. |
id |
java.lang.String |
The scoped construct ID. |
connection |
com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection |
No description. |
count |
java.lang.Number OR com.hashicorp.cdktf.TerraformCount |
No description. |
dependsOn |
java.util.List<com.hashicorp.cdktf.ITerraformDependable> |
No description. |
forEach |
com.hashicorp.cdktf.ITerraformIterator |
No description. |
lifecycle |
com.hashicorp.cdktf.TerraformResourceLifecycle |
No description. |
provider |
com.hashicorp.cdktf.TerraformProvider |
No description. |
provisioners |
java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> |
No description. |
binddn |
java.lang.String |
Distinguished name of object to bind when performing user and group search. |
bindpass |
java.lang.String |
LDAP password for searching for the user DN. |
anonymousGroupSearch |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test). |
backend |
java.lang.String |
The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad". |
caseSensitiveNames |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If true, case sensitivity will be used when comparing usernames and groups for matching policies. |
certificate |
java.lang.String |
CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded. |
clientTlsCert |
java.lang.String |
Client certificate to provide to the LDAP server, must be x509 PEM encoded. |
clientTlsKey |
java.lang.String |
Client certificate key to provide to the LDAP server, must be x509 PEM encoded. |
defaultLeaseTtlSeconds |
java.lang.Number |
Default lease duration for secrets in seconds. |
denyNullBind |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true. |
description |
java.lang.String |
Human-friendly description of the mount for the backend. |
disableRemount |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If set, opts out of mount migration on path updates. |
discoverdn |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Use anonymous bind to discover the bind DN of a user. |
groupattr |
java.lang.String |
LDAP attribute to follow on objects returned by in order to enumerate user group membership. |
groupdn |
java.lang.String |
LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org). |
groupfilter |
java.lang.String |
Go template for querying group membership of user. |
id |
java.lang.String |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}. |
insecureTls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Skip LDAP server SSL Certificate verification - insecure and not recommended for production use. |
lastRotationTolerance |
java.lang.Number |
The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band. |
local |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Mark the secrets engine as local-only. |
maxLeaseTtlSeconds |
java.lang.Number |
Maximum possible lease duration for secrets in seconds. |
maxTtl |
java.lang.Number |
In seconds, the maximum password time-to-live. |
namespace |
java.lang.String |
Target namespace. (requires Enterprise). |
passwordPolicy |
java.lang.String |
Name of the password policy to use to generate passwords. |
requestTimeout |
java.lang.Number |
Timeout, in seconds, for the connection when making requests against the server before returning back an error. |
starttls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Issue a StartTLS command after establishing unencrypted connection. |
tlsMaxVersion |
java.lang.String |
Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'. |
tlsMinVersion |
java.lang.String |
Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'. |
ttl |
java.lang.Number |
In seconds, the default password time-to-live. |
upndomain |
java.lang.String |
Enables userPrincipalDomain login with [username]@UPNDomain. |
url |
java.lang.String |
LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order. |
usePre111GroupCnBehavior |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations. |
userattr |
java.lang.String |
Attribute used for users (default: cn). |
userdn |
java.lang.String |
LDAP domain to use for users (eg: ou=People,dc=example,dc=org). |
useTokenGroups |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships. |
- Type: software.constructs.Construct
The scope in which to define this construct.
- Type: java.lang.String
The scoped construct ID.
Must be unique amongst siblings in the same scope
- Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection
- Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount
- Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>
- Type: com.hashicorp.cdktf.ITerraformIterator
- Type: com.hashicorp.cdktf.TerraformResourceLifecycle
- Type: com.hashicorp.cdktf.TerraformProvider
- Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>
- Type: java.lang.String
Distinguished name of object to bind when performing user and group search.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#binddn AdSecretBackend#binddn}
- Type: java.lang.String
LDAP password for searching for the user DN.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#bindpass AdSecretBackend#bindpass}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#anonymous_group_search AdSecretBackend#anonymous_group_search}
- Type: java.lang.String
The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#backend AdSecretBackend#backend}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If true, case sensitivity will be used when comparing usernames and groups for matching policies.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#case_sensitive_names AdSecretBackend#case_sensitive_names}
- Type: java.lang.String
CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#certificate AdSecretBackend#certificate}
- Type: java.lang.String
Client certificate to provide to the LDAP server, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_cert AdSecretBackend#client_tls_cert}
- Type: java.lang.String
Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_key AdSecretBackend#client_tls_key}
- Type: java.lang.Number
Default lease duration for secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#default_lease_ttl_seconds AdSecretBackend#default_lease_ttl_seconds}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#deny_null_bind AdSecretBackend#deny_null_bind}
- Type: java.lang.String
Human-friendly description of the mount for the backend.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#description AdSecretBackend#description}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If set, opts out of mount migration on path updates.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#disable_remount AdSecretBackend#disable_remount}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Use anonymous bind to discover the bind DN of a user.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#discoverdn AdSecretBackend#discoverdn}
- Type: java.lang.String
LDAP attribute to follow on objects returned by in order to enumerate user group membership.
Examples: "cn" or "memberOf", etc. Default: cn
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupattr AdSecretBackend#groupattr}
- Type: java.lang.String
LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupdn AdSecretBackend#groupdn}
- Type: java.lang.String
Go template for querying group membership of user.
The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupfilter AdSecretBackend#groupfilter}
- Type: java.lang.String
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#insecure_tls AdSecretBackend#insecure_tls}
- Type: java.lang.Number
The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#last_rotation_tolerance AdSecretBackend#last_rotation_tolerance}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Mark the secrets engine as local-only.
Local engines are not replicated or removed by replication.Tolerance duration to use when checking the last rotation time.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#local AdSecretBackend#local}
- Type: java.lang.Number
Maximum possible lease duration for secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_lease_ttl_seconds AdSecretBackend#max_lease_ttl_seconds}
- Type: java.lang.Number
In seconds, the maximum password time-to-live.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_ttl AdSecretBackend#max_ttl}
- Type: java.lang.String
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#namespace AdSecretBackend#namespace}
- Type: java.lang.String
Name of the password policy to use to generate passwords.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#password_policy AdSecretBackend#password_policy}
- Type: java.lang.Number
Timeout, in seconds, for the connection when making requests against the server before returning back an error.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#request_timeout AdSecretBackend#request_timeout}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Issue a StartTLS command after establishing unencrypted connection.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#starttls AdSecretBackend#starttls}
- Type: java.lang.String
Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_max_version AdSecretBackend#tls_max_version}
- Type: java.lang.String
Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_min_version AdSecretBackend#tls_min_version}
- Type: java.lang.Number
In seconds, the default password time-to-live.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#ttl AdSecretBackend#ttl}
- Type: java.lang.String
Enables userPrincipalDomain login with [username]@UPNDomain.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#upndomain AdSecretBackend#upndomain}
- Type: java.lang.String
LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#url AdSecretBackend#url}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_pre111_group_cn_behavior AdSecretBackend#use_pre111_group_cn_behavior}
- Type: java.lang.String
Attribute used for users (default: cn).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userattr AdSecretBackend#userattr}
- Type: java.lang.String
LDAP domain to use for users (eg: ou=People,dc=example,dc=org).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userdn AdSecretBackend#userdn}
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.
This will find all security groups including nested ones.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_token_groups AdSecretBackend#use_token_groups}
Name | Description |
---|---|
toString |
Returns a string representation of this construct. |
addOverride |
No description. |
overrideLogicalId |
Overrides the auto-generated logical ID with a specific ID. |
resetOverrideLogicalId |
Resets a previously passed logical Id to use the auto-generated logical id again. |
toHclTerraform |
No description. |
toMetadata |
No description. |
toTerraform |
Adds this resource to the terraform JSON output. |
addMoveTarget |
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move. |
getAnyMapAttribute |
No description. |
getBooleanAttribute |
No description. |
getBooleanMapAttribute |
No description. |
getListAttribute |
No description. |
getNumberAttribute |
No description. |
getNumberListAttribute |
No description. |
getNumberMapAttribute |
No description. |
getStringAttribute |
No description. |
getStringMapAttribute |
No description. |
hasResourceMove |
No description. |
importFrom |
No description. |
interpolationForAttribute |
No description. |
moveFromId |
Move the resource corresponding to "id" to this resource. |
moveTo |
Moves this resource to the target resource given by moveTarget. |
moveToId |
Moves this resource to the resource corresponding to "id". |
resetAnonymousGroupSearch |
No description. |
resetBackend |
No description. |
resetCaseSensitiveNames |
No description. |
resetCertificate |
No description. |
resetClientTlsCert |
No description. |
resetClientTlsKey |
No description. |
resetDefaultLeaseTtlSeconds |
No description. |
resetDenyNullBind |
No description. |
resetDescription |
No description. |
resetDisableRemount |
No description. |
resetDiscoverdn |
No description. |
resetGroupattr |
No description. |
resetGroupdn |
No description. |
resetGroupfilter |
No description. |
resetId |
No description. |
resetInsecureTls |
No description. |
resetLastRotationTolerance |
No description. |
resetLocal |
No description. |
resetMaxLeaseTtlSeconds |
No description. |
resetMaxTtl |
No description. |
resetNamespace |
No description. |
resetPasswordPolicy |
No description. |
resetRequestTimeout |
No description. |
resetStarttls |
No description. |
resetTlsMaxVersion |
No description. |
resetTlsMinVersion |
No description. |
resetTtl |
No description. |
resetUpndomain |
No description. |
resetUrl |
No description. |
resetUsePre111GroupCnBehavior |
No description. |
resetUserattr |
No description. |
resetUserdn |
No description. |
resetUseTokenGroups |
No description. |
public java.lang.String toString()
Returns a string representation of this construct.
public void addOverride(java.lang.String path, java.lang.Object value)
- Type: java.lang.String
- Type: java.lang.Object
public void overrideLogicalId(java.lang.String newLogicalId)
Overrides the auto-generated logical ID with a specific ID.
- Type: java.lang.String
The new logical ID to use for this stack element.
public void resetOverrideLogicalId()
Resets a previously passed logical Id to use the auto-generated logical id again.
public java.lang.Object toHclTerraform()
public java.lang.Object toMetadata()
public java.lang.Object toTerraform()
Adds this resource to the terraform JSON output.
public void addMoveTarget(java.lang.String moveTarget)
Adds a user defined moveTarget string to this resource to be later used in .moveTo(moveTarget) to resolve the location of the move.
- Type: java.lang.String
The string move target that will correspond to this resource.
public java.util.Map<java.lang.String, java.lang.Object> getAnyMapAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public IResolvable getBooleanAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.util.Map<java.lang.String, java.lang.Boolean> getBooleanMapAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.util.List<java.lang.String> getListAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.lang.Number getNumberAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.util.List<java.lang.Number> getNumberListAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.util.Map<java.lang.String, java.lang.Number> getNumberMapAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.lang.String getStringAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public java.util.Map<java.lang.String, java.lang.String> getStringMapAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public TerraformResourceMoveByTarget OR TerraformResourceMoveById hasResourceMove()
public void importFrom(java.lang.String id)
public void importFrom(java.lang.String id, TerraformProvider provider)
- Type: java.lang.String
- Type: com.hashicorp.cdktf.TerraformProvider
public IResolvable interpolationForAttribute(java.lang.String terraformAttribute)
- Type: java.lang.String
public void moveFromId(java.lang.String id)
Move the resource corresponding to "id" to this resource.
Note that the resource being moved from must be marked as moved using it's instance function.
- Type: java.lang.String
Full id of resource being moved from, e.g. "aws_s3_bucket.example".
public void moveTo(java.lang.String moveTarget)
public void moveTo(java.lang.String moveTarget, java.lang.String OR java.lang.Number index)
Moves this resource to the target resource given by moveTarget.
- Type: java.lang.String
The previously set user defined string set by .addMoveTarget() corresponding to the resource to move to.
- Type: java.lang.String OR java.lang.Number
Optional The index corresponding to the key the resource is to appear in the foreach of a resource to move to.
public void moveToId(java.lang.String id)
Moves this resource to the resource corresponding to "id".
- Type: java.lang.String
Full id of resource to move to, e.g. "aws_s3_bucket.example".
public void resetAnonymousGroupSearch()
public void resetBackend()
public void resetCaseSensitiveNames()
public void resetCertificate()
public void resetClientTlsCert()
public void resetClientTlsKey()
public void resetDefaultLeaseTtlSeconds()
public void resetDenyNullBind()
public void resetDescription()
public void resetDisableRemount()
public void resetDiscoverdn()
public void resetGroupattr()
public void resetGroupdn()
public void resetGroupfilter()
public void resetId()
public void resetInsecureTls()
public void resetLastRotationTolerance()
public void resetLocal()
public void resetMaxLeaseTtlSeconds()
public void resetMaxTtl()
public void resetNamespace()
public void resetPasswordPolicy()
public void resetRequestTimeout()
public void resetStarttls()
public void resetTlsMaxVersion()
public void resetTlsMinVersion()
public void resetTtl()
public void resetUpndomain()
public void resetUrl()
public void resetUsePre111GroupCnBehavior()
public void resetUserattr()
public void resetUserdn()
public void resetUseTokenGroups()
Name | Description |
---|---|
isConstruct |
Checks if x is a construct. |
isTerraformElement |
No description. |
isTerraformResource |
No description. |
generateConfigForImport |
Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ". |
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;
AdSecretBackend.isConstruct(java.lang.Object x)
Checks if x
is a construct.
Use this method instead of instanceof
to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs
library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct
in each copy of the constructs
library
is seen as a different class, and an instance of one class will not test as
instanceof
the other class. npm install
will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof
will behave
unpredictably. It is safest to avoid using instanceof
, and using
this type-testing method instead.
- Type: java.lang.Object
Any object.
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;
AdSecretBackend.isTerraformElement(java.lang.Object x)
- Type: java.lang.Object
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;
AdSecretBackend.isTerraformResource(java.lang.Object x)
- Type: java.lang.Object
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackend;
AdSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId),AdSecretBackend.generateConfigForImport(Construct scope, java.lang.String importToId, java.lang.String importFromId, TerraformProvider provider)
Generates CDKTF code for importing a AdSecretBackend resource upon running "cdktf plan ".
- Type: software.constructs.Construct
The scope in which to define this construct.
- Type: java.lang.String
The construct id used in the generated config for the AdSecretBackend to import.
- Type: java.lang.String
The id of the existing AdSecretBackend that should be imported.
Refer to the {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#import import section} in the documentation of this resource for the id to use
- Type: com.hashicorp.cdktf.TerraformProvider
? Optional instance of the provider where the AdSecretBackend to import is found.
Name | Type | Description |
---|---|---|
node |
software.constructs.Node |
The tree node. |
cdktfStack |
com.hashicorp.cdktf.TerraformStack |
No description. |
fqn |
java.lang.String |
No description. |
friendlyUniqueId |
java.lang.String |
No description. |
terraformMetaArguments |
java.util.Map<java.lang.String, java.lang.Object> |
No description. |
terraformResourceType |
java.lang.String |
No description. |
terraformGeneratorMetadata |
com.hashicorp.cdktf.TerraformProviderGeneratorMetadata |
No description. |
connection |
com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection |
No description. |
count |
java.lang.Number OR com.hashicorp.cdktf.TerraformCount |
No description. |
dependsOn |
java.util.List<java.lang.String> |
No description. |
forEach |
com.hashicorp.cdktf.ITerraformIterator |
No description. |
lifecycle |
com.hashicorp.cdktf.TerraformResourceLifecycle |
No description. |
provider |
com.hashicorp.cdktf.TerraformProvider |
No description. |
provisioners |
java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> |
No description. |
anonymousGroupSearchInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
backendInput |
java.lang.String |
No description. |
binddnInput |
java.lang.String |
No description. |
bindpassInput |
java.lang.String |
No description. |
caseSensitiveNamesInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
certificateInput |
java.lang.String |
No description. |
clientTlsCertInput |
java.lang.String |
No description. |
clientTlsKeyInput |
java.lang.String |
No description. |
defaultLeaseTtlSecondsInput |
java.lang.Number |
No description. |
denyNullBindInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
descriptionInput |
java.lang.String |
No description. |
disableRemountInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
discoverdnInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
groupattrInput |
java.lang.String |
No description. |
groupdnInput |
java.lang.String |
No description. |
groupfilterInput |
java.lang.String |
No description. |
idInput |
java.lang.String |
No description. |
insecureTlsInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
lastRotationToleranceInput |
java.lang.Number |
No description. |
localInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
maxLeaseTtlSecondsInput |
java.lang.Number |
No description. |
maxTtlInput |
java.lang.Number |
No description. |
namespaceInput |
java.lang.String |
No description. |
passwordPolicyInput |
java.lang.String |
No description. |
requestTimeoutInput |
java.lang.Number |
No description. |
starttlsInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
tlsMaxVersionInput |
java.lang.String |
No description. |
tlsMinVersionInput |
java.lang.String |
No description. |
ttlInput |
java.lang.Number |
No description. |
upndomainInput |
java.lang.String |
No description. |
urlInput |
java.lang.String |
No description. |
usePre111GroupCnBehaviorInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
userattrInput |
java.lang.String |
No description. |
userdnInput |
java.lang.String |
No description. |
useTokenGroupsInput |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
anonymousGroupSearch |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
backend |
java.lang.String |
No description. |
binddn |
java.lang.String |
No description. |
bindpass |
java.lang.String |
No description. |
caseSensitiveNames |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
certificate |
java.lang.String |
No description. |
clientTlsCert |
java.lang.String |
No description. |
clientTlsKey |
java.lang.String |
No description. |
defaultLeaseTtlSeconds |
java.lang.Number |
No description. |
denyNullBind |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
description |
java.lang.String |
No description. |
disableRemount |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
discoverdn |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
groupattr |
java.lang.String |
No description. |
groupdn |
java.lang.String |
No description. |
groupfilter |
java.lang.String |
No description. |
id |
java.lang.String |
No description. |
insecureTls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
lastRotationTolerance |
java.lang.Number |
No description. |
local |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
maxLeaseTtlSeconds |
java.lang.Number |
No description. |
maxTtl |
java.lang.Number |
No description. |
namespace |
java.lang.String |
No description. |
passwordPolicy |
java.lang.String |
No description. |
requestTimeout |
java.lang.Number |
No description. |
starttls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
tlsMaxVersion |
java.lang.String |
No description. |
tlsMinVersion |
java.lang.String |
No description. |
ttl |
java.lang.Number |
No description. |
upndomain |
java.lang.String |
No description. |
url |
java.lang.String |
No description. |
usePre111GroupCnBehavior |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
userattr |
java.lang.String |
No description. |
userdn |
java.lang.String |
No description. |
useTokenGroups |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
No description. |
public Node getNode();
- Type: software.constructs.Node
The tree node.
public TerraformStack getCdktfStack();
- Type: com.hashicorp.cdktf.TerraformStack
public java.lang.String getFqn();
- Type: java.lang.String
public java.lang.String getFriendlyUniqueId();
- Type: java.lang.String
public java.util.Map<java.lang.String, java.lang.Object> getTerraformMetaArguments();
- Type: java.util.Map<java.lang.String, java.lang.Object>
public java.lang.String getTerraformResourceType();
- Type: java.lang.String
public TerraformProviderGeneratorMetadata getTerraformGeneratorMetadata();
- Type: com.hashicorp.cdktf.TerraformProviderGeneratorMetadata
public java.lang.Object getConnection();
- Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection
public java.lang.Object getCount();
- Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount
public java.util.List<java.lang.String> getDependsOn();
- Type: java.util.List<java.lang.String>
public ITerraformIterator getForEach();
- Type: com.hashicorp.cdktf.ITerraformIterator
public TerraformResourceLifecycle getLifecycle();
- Type: com.hashicorp.cdktf.TerraformResourceLifecycle
public TerraformProvider getProvider();
- Type: com.hashicorp.cdktf.TerraformProvider
public java.lang.Object getProvisioners();
- Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>
public java.lang.Object getAnonymousGroupSearchInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getBackendInput();
- Type: java.lang.String
public java.lang.String getBinddnInput();
- Type: java.lang.String
public java.lang.String getBindpassInput();
- Type: java.lang.String
public java.lang.Object getCaseSensitiveNamesInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getCertificateInput();
- Type: java.lang.String
public java.lang.String getClientTlsCertInput();
- Type: java.lang.String
public java.lang.String getClientTlsKeyInput();
- Type: java.lang.String
public java.lang.Number getDefaultLeaseTtlSecondsInput();
- Type: java.lang.Number
public java.lang.Object getDenyNullBindInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getDescriptionInput();
- Type: java.lang.String
public java.lang.Object getDisableRemountInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Object getDiscoverdnInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getGroupattrInput();
- Type: java.lang.String
public java.lang.String getGroupdnInput();
- Type: java.lang.String
public java.lang.String getGroupfilterInput();
- Type: java.lang.String
public java.lang.String getIdInput();
- Type: java.lang.String
public java.lang.Object getInsecureTlsInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Number getLastRotationToleranceInput();
- Type: java.lang.Number
public java.lang.Object getLocalInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Number getMaxLeaseTtlSecondsInput();
- Type: java.lang.Number
public java.lang.Number getMaxTtlInput();
- Type: java.lang.Number
public java.lang.String getNamespaceInput();
- Type: java.lang.String
public java.lang.String getPasswordPolicyInput();
- Type: java.lang.String
public java.lang.Number getRequestTimeoutInput();
- Type: java.lang.Number
public java.lang.Object getStarttlsInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getTlsMaxVersionInput();
- Type: java.lang.String
public java.lang.String getTlsMinVersionInput();
- Type: java.lang.String
public java.lang.Number getTtlInput();
- Type: java.lang.Number
public java.lang.String getUpndomainInput();
- Type: java.lang.String
public java.lang.String getUrlInput();
- Type: java.lang.String
public java.lang.Object getUsePre111GroupCnBehaviorInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getUserattrInput();
- Type: java.lang.String
public java.lang.String getUserdnInput();
- Type: java.lang.String
public java.lang.Object getUseTokenGroupsInput();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Object getAnonymousGroupSearch();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getBackend();
- Type: java.lang.String
public java.lang.String getBinddn();
- Type: java.lang.String
public java.lang.String getBindpass();
- Type: java.lang.String
public java.lang.Object getCaseSensitiveNames();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getCertificate();
- Type: java.lang.String
public java.lang.String getClientTlsCert();
- Type: java.lang.String
public java.lang.String getClientTlsKey();
- Type: java.lang.String
public java.lang.Number getDefaultLeaseTtlSeconds();
- Type: java.lang.Number
public java.lang.Object getDenyNullBind();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getDescription();
- Type: java.lang.String
public java.lang.Object getDisableRemount();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Object getDiscoverdn();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getGroupattr();
- Type: java.lang.String
public java.lang.String getGroupdn();
- Type: java.lang.String
public java.lang.String getGroupfilter();
- Type: java.lang.String
public java.lang.String getId();
- Type: java.lang.String
public java.lang.Object getInsecureTls();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Number getLastRotationTolerance();
- Type: java.lang.Number
public java.lang.Object getLocal();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.Number getMaxLeaseTtlSeconds();
- Type: java.lang.Number
public java.lang.Number getMaxTtl();
- Type: java.lang.Number
public java.lang.String getNamespace();
- Type: java.lang.String
public java.lang.String getPasswordPolicy();
- Type: java.lang.String
public java.lang.Number getRequestTimeout();
- Type: java.lang.Number
public java.lang.Object getStarttls();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getTlsMaxVersion();
- Type: java.lang.String
public java.lang.String getTlsMinVersion();
- Type: java.lang.String
public java.lang.Number getTtl();
- Type: java.lang.Number
public java.lang.String getUpndomain();
- Type: java.lang.String
public java.lang.String getUrl();
- Type: java.lang.String
public java.lang.Object getUsePre111GroupCnBehavior();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
public java.lang.String getUserattr();
- Type: java.lang.String
public java.lang.String getUserdn();
- Type: java.lang.String
public java.lang.Object getUseTokenGroups();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Name | Type | Description |
---|---|---|
tfResourceType |
java.lang.String |
No description. |
public java.lang.String getTfResourceType();
- Type: java.lang.String
import com.hashicorp.cdktf.providers.vault.ad_secret_backend.AdSecretBackendConfig;
AdSecretBackendConfig.builder()
// .connection(SSHProvisionerConnection)
// .connection(WinrmProvisionerConnection)
// .count(java.lang.Number)
// .count(TerraformCount)
// .dependsOn(java.util.List<ITerraformDependable>)
// .forEach(ITerraformIterator)
// .lifecycle(TerraformResourceLifecycle)
// .provider(TerraformProvider)
// .provisioners(java.util.List<FileProvisioner)
// .provisioners(LocalExecProvisioner)
// .provisioners(RemoteExecProvisioner>)
.binddn(java.lang.String)
.bindpass(java.lang.String)
// .anonymousGroupSearch(java.lang.Boolean)
// .anonymousGroupSearch(IResolvable)
// .backend(java.lang.String)
// .caseSensitiveNames(java.lang.Boolean)
// .caseSensitiveNames(IResolvable)
// .certificate(java.lang.String)
// .clientTlsCert(java.lang.String)
// .clientTlsKey(java.lang.String)
// .defaultLeaseTtlSeconds(java.lang.Number)
// .denyNullBind(java.lang.Boolean)
// .denyNullBind(IResolvable)
// .description(java.lang.String)
// .disableRemount(java.lang.Boolean)
// .disableRemount(IResolvable)
// .discoverdn(java.lang.Boolean)
// .discoverdn(IResolvable)
// .groupattr(java.lang.String)
// .groupdn(java.lang.String)
// .groupfilter(java.lang.String)
// .id(java.lang.String)
// .insecureTls(java.lang.Boolean)
// .insecureTls(IResolvable)
// .lastRotationTolerance(java.lang.Number)
// .local(java.lang.Boolean)
// .local(IResolvable)
// .maxLeaseTtlSeconds(java.lang.Number)
// .maxTtl(java.lang.Number)
// .namespace(java.lang.String)
// .passwordPolicy(java.lang.String)
// .requestTimeout(java.lang.Number)
// .starttls(java.lang.Boolean)
// .starttls(IResolvable)
// .tlsMaxVersion(java.lang.String)
// .tlsMinVersion(java.lang.String)
// .ttl(java.lang.Number)
// .upndomain(java.lang.String)
// .url(java.lang.String)
// .usePre111GroupCnBehavior(java.lang.Boolean)
// .usePre111GroupCnBehavior(IResolvable)
// .userattr(java.lang.String)
// .userdn(java.lang.String)
// .useTokenGroups(java.lang.Boolean)
// .useTokenGroups(IResolvable)
.build();
Name | Type | Description |
---|---|---|
connection |
com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection |
No description. |
count |
java.lang.Number OR com.hashicorp.cdktf.TerraformCount |
No description. |
dependsOn |
java.util.List<com.hashicorp.cdktf.ITerraformDependable> |
No description. |
forEach |
com.hashicorp.cdktf.ITerraformIterator |
No description. |
lifecycle |
com.hashicorp.cdktf.TerraformResourceLifecycle |
No description. |
provider |
com.hashicorp.cdktf.TerraformProvider |
No description. |
provisioners |
java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner> |
No description. |
binddn |
java.lang.String |
Distinguished name of object to bind when performing user and group search. |
bindpass |
java.lang.String |
LDAP password for searching for the user DN. |
anonymousGroupSearch |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test). |
backend |
java.lang.String |
The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad". |
caseSensitiveNames |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If true, case sensitivity will be used when comparing usernames and groups for matching policies. |
certificate |
java.lang.String |
CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded. |
clientTlsCert |
java.lang.String |
Client certificate to provide to the LDAP server, must be x509 PEM encoded. |
clientTlsKey |
java.lang.String |
Client certificate key to provide to the LDAP server, must be x509 PEM encoded. |
defaultLeaseTtlSeconds |
java.lang.Number |
Default lease duration for secrets in seconds. |
denyNullBind |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true. |
description |
java.lang.String |
Human-friendly description of the mount for the backend. |
disableRemount |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If set, opts out of mount migration on path updates. |
discoverdn |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Use anonymous bind to discover the bind DN of a user. |
groupattr |
java.lang.String |
LDAP attribute to follow on objects returned by in order to enumerate user group membership. |
groupdn |
java.lang.String |
LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org). |
groupfilter |
java.lang.String |
Go template for querying group membership of user. |
id |
java.lang.String |
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}. |
insecureTls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Skip LDAP server SSL Certificate verification - insecure and not recommended for production use. |
lastRotationTolerance |
java.lang.Number |
The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band. |
local |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Mark the secrets engine as local-only. |
maxLeaseTtlSeconds |
java.lang.Number |
Maximum possible lease duration for secrets in seconds. |
maxTtl |
java.lang.Number |
In seconds, the maximum password time-to-live. |
namespace |
java.lang.String |
Target namespace. (requires Enterprise). |
passwordPolicy |
java.lang.String |
Name of the password policy to use to generate passwords. |
requestTimeout |
java.lang.Number |
Timeout, in seconds, for the connection when making requests against the server before returning back an error. |
starttls |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
Issue a StartTLS command after establishing unencrypted connection. |
tlsMaxVersion |
java.lang.String |
Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'. |
tlsMinVersion |
java.lang.String |
Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'. |
ttl |
java.lang.Number |
In seconds, the default password time-to-live. |
upndomain |
java.lang.String |
Enables userPrincipalDomain login with [username]@UPNDomain. |
url |
java.lang.String |
LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order. |
usePre111GroupCnBehavior |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations. |
userattr |
java.lang.String |
Attribute used for users (default: cn). |
userdn |
java.lang.String |
LDAP domain to use for users (eg: ou=People,dc=example,dc=org). |
useTokenGroups |
java.lang.Boolean OR com.hashicorp.cdktf.IResolvable |
If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships. |
public java.lang.Object getConnection();
- Type: com.hashicorp.cdktf.SSHProvisionerConnection OR com.hashicorp.cdktf.WinrmProvisionerConnection
public java.lang.Object getCount();
- Type: java.lang.Number OR com.hashicorp.cdktf.TerraformCount
public java.util.List<ITerraformDependable> getDependsOn();
- Type: java.util.List<com.hashicorp.cdktf.ITerraformDependable>
public ITerraformIterator getForEach();
- Type: com.hashicorp.cdktf.ITerraformIterator
public TerraformResourceLifecycle getLifecycle();
- Type: com.hashicorp.cdktf.TerraformResourceLifecycle
public TerraformProvider getProvider();
- Type: com.hashicorp.cdktf.TerraformProvider
public java.lang.Object getProvisioners();
- Type: java.util.List<com.hashicorp.cdktf.FileProvisioner OR com.hashicorp.cdktf.LocalExecProvisioner OR com.hashicorp.cdktf.RemoteExecProvisioner>
public java.lang.String getBinddn();
- Type: java.lang.String
Distinguished name of object to bind when performing user and group search.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#binddn AdSecretBackend#binddn}
public java.lang.String getBindpass();
- Type: java.lang.String
LDAP password for searching for the user DN.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#bindpass AdSecretBackend#bindpass}
public java.lang.Object getAnonymousGroupSearch();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#anonymous_group_search AdSecretBackend#anonymous_group_search}
public java.lang.String getBackend();
- Type: java.lang.String
The mount path for a backend, for example, the path given in "$ vault auth enable -path=my-ad ad".
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#backend AdSecretBackend#backend}
public java.lang.Object getCaseSensitiveNames();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If true, case sensitivity will be used when comparing usernames and groups for matching policies.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#case_sensitive_names AdSecretBackend#case_sensitive_names}
public java.lang.String getCertificate();
- Type: java.lang.String
CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#certificate AdSecretBackend#certificate}
public java.lang.String getClientTlsCert();
- Type: java.lang.String
Client certificate to provide to the LDAP server, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_cert AdSecretBackend#client_tls_cert}
public java.lang.String getClientTlsKey();
- Type: java.lang.String
Client certificate key to provide to the LDAP server, must be x509 PEM encoded.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#client_tls_key AdSecretBackend#client_tls_key}
public java.lang.Number getDefaultLeaseTtlSeconds();
- Type: java.lang.Number
Default lease duration for secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#default_lease_ttl_seconds AdSecretBackend#default_lease_ttl_seconds}
public java.lang.Object getDenyNullBind();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#deny_null_bind AdSecretBackend#deny_null_bind}
public java.lang.String getDescription();
- Type: java.lang.String
Human-friendly description of the mount for the backend.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#description AdSecretBackend#description}
public java.lang.Object getDisableRemount();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If set, opts out of mount migration on path updates.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#disable_remount AdSecretBackend#disable_remount}
public java.lang.Object getDiscoverdn();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Use anonymous bind to discover the bind DN of a user.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#discoverdn AdSecretBackend#discoverdn}
public java.lang.String getGroupattr();
- Type: java.lang.String
LDAP attribute to follow on objects returned by in order to enumerate user group membership.
Examples: "cn" or "memberOf", etc. Default: cn
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupattr AdSecretBackend#groupattr}
public java.lang.String getGroupdn();
- Type: java.lang.String
LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupdn AdSecretBackend#groupdn}
public java.lang.String getGroupfilter();
- Type: java.lang.String
Go template for querying group membership of user.
The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#groupfilter AdSecretBackend#groupfilter}
public java.lang.String getId();
- Type: java.lang.String
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#id AdSecretBackend#id}.
Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2. If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
public java.lang.Object getInsecureTls();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Skip LDAP server SSL Certificate verification - insecure and not recommended for production use.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#insecure_tls AdSecretBackend#insecure_tls}
public java.lang.Number getLastRotationTolerance();
- Type: java.lang.Number
The number of seconds after a Vault rotation where, if Active Directory shows a later rotation, it should be considered out-of-band.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#last_rotation_tolerance AdSecretBackend#last_rotation_tolerance}
public java.lang.Object getLocal();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Mark the secrets engine as local-only.
Local engines are not replicated or removed by replication.Tolerance duration to use when checking the last rotation time.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#local AdSecretBackend#local}
public java.lang.Number getMaxLeaseTtlSeconds();
- Type: java.lang.Number
Maximum possible lease duration for secrets in seconds.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_lease_ttl_seconds AdSecretBackend#max_lease_ttl_seconds}
public java.lang.Number getMaxTtl();
- Type: java.lang.Number
In seconds, the maximum password time-to-live.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#max_ttl AdSecretBackend#max_ttl}
public java.lang.String getNamespace();
- Type: java.lang.String
Target namespace. (requires Enterprise).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#namespace AdSecretBackend#namespace}
public java.lang.String getPasswordPolicy();
- Type: java.lang.String
Name of the password policy to use to generate passwords.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#password_policy AdSecretBackend#password_policy}
public java.lang.Number getRequestTimeout();
- Type: java.lang.Number
Timeout, in seconds, for the connection when making requests against the server before returning back an error.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#request_timeout AdSecretBackend#request_timeout}
public java.lang.Object getStarttls();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
Issue a StartTLS command after establishing unencrypted connection.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#starttls AdSecretBackend#starttls}
public java.lang.String getTlsMaxVersion();
- Type: java.lang.String
Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_max_version AdSecretBackend#tls_max_version}
public java.lang.String getTlsMinVersion();
- Type: java.lang.String
Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#tls_min_version AdSecretBackend#tls_min_version}
public java.lang.Number getTtl();
- Type: java.lang.Number
In seconds, the default password time-to-live.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#ttl AdSecretBackend#ttl}
public java.lang.String getUpndomain();
- Type: java.lang.String
Enables userPrincipalDomain login with [username]@UPNDomain.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#upndomain AdSecretBackend#upndomain}
public java.lang.String getUrl();
- Type: java.lang.String
LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#url AdSecretBackend#url}
public java.lang.Object getUsePre111GroupCnBehavior();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_pre111_group_cn_behavior AdSecretBackend#use_pre111_group_cn_behavior}
public java.lang.String getUserattr();
- Type: java.lang.String
Attribute used for users (default: cn).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userattr AdSecretBackend#userattr}
public java.lang.String getUserdn();
- Type: java.lang.String
LDAP domain to use for users (eg: ou=People,dc=example,dc=org).
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#userdn AdSecretBackend#userdn}
public java.lang.Object getUseTokenGroups();
- Type: java.lang.Boolean OR com.hashicorp.cdktf.IResolvable
If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.
This will find all security groups including nested ones.
Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/vault/4.4.0/docs/resources/ad_secret_backend#use_token_groups AdSecretBackend#use_token_groups}